Malware slowing system through services.exe (process)?


  • This topic is locked
65 replies to this topic

#1 SoCalBob55

  • Members
  • 89 posts

Posted 16 October 2011 - 11:07 PM

I installed the Webroot program after reading a positive review and becoming concerned that the sudden recent slight slowing of my system might be due to some virus or malware. It found no issues, although the regular Webroot program had found a trojan and said it removed it. I attempted to install AVG, and when it asked me to reboot, I was confronted with a brief blue screen of death on reboot, then continued recycling attempts to reboot. Restarted using most recent setting that worked option, then UNINSTALLED AVG, and then rebooted with no incident.

On restarting, services.exe began running at between 75 - 95 percent of CPU.

When I try to access the Windows Firewall settings, I see this dialogue box: "Due to an unidentified problem, Windows cannot display Windows Firewall settings."

Below and attached are the requested initial logs:

DDS

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Robert Weil at 19:46:05.96 on Sun 10/16/2011
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_24
.
============== Running Processes ===============
.
C:\Program Files\Webroot\WRSA.exe
C:\Program Files\WTouch\WTouchService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\WTouch\WTouchUser.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nlssrv32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
C:\Program Files\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
C:\Program Files\StorageCraft\ImageManager\ImageManager.exe
C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Webroot\WRSA.exe
C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\WINDOWS\system32\dumprep.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\CineForm\Tools\CineFormActiveMetadataStatusViewer.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
C:\WePrint\WePrint Server.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\vsnapvss.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Robert Weil\Desktop\Bleeping\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: PCTools Site Guard: {5c8b2a36-3db1-42a4-a3cb-d426709bbfeb} - c:\progra~1\spywar~1\tools\iesdsg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {D593DE91-7B41-45C2-830E-E9A99AB142AA} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
EB: {E69657FF-19AC-4849-BF35-91243EEF1687} - No File
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [SUPERAntiSpyware] "e:\program files\superantispyware\SUPERAntiSpyware.exe"
mRun: [hpWirelessAssistant] "c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe"
mRun: [MsmqIntCert] regsvr32 /s mqrt.dll
mRun: [SynTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"
mRun: [QlbCtrl] "c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe" /Start
mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
mRun: [NeroFilterCheck] "c:\program files\common files\ahead\lib\NeroCheck.exe"
mRun: [TotalRecorderScheduler] "c:\program files\highcriteria\totalrecorder\TotRecSched.exe"
mRun: [RoxioEngineUtility] "c:\program files\common files\roxio shared\system\EngUtil.exe"
mRun: [dvd43] "c:\program files\dvd43\dvd43_tray.exe"
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [MSConfig] "c:\windows\pchealth\helpctr\binaries\MSConfig.exe" /auto
mRun: [Nikon Message Center 2] "c:\program files\nikon\nikon message center 2\NkMC2.exe" -s
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] "RUNDLL32.EXE" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [nwiz] "nwiz.exe" /installquiet /nodetect
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [WRSVC] "c:\program files\webroot\WRSA.exe" -ul
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk"&"inst=NzctNzg0MDgyMjU3LVNUMTJGT0krMS1ERFQrMA"&"prod=90"&"ver=2012.0.1831"&"mid=fd12229629b747d184a5d15a445a650e-41f21509a2af8094fb3facace9dc051f4cb66a21
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Namo SWF Catcher - c:\program files\common files\sourcetec\swf catcher\InternetExplorer.htm
IE: Send To &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Sothink SWF Catcher - c:\program files\common files\sourcetec\swf catcher\InternetExplorer.htm
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - c:\program files\common files\sourcetec\swf catcher\InternetExplorer.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - c:\program files\plotsoft\pdfill\DownloadPDF.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {36ECAF82-3300-8F84-092E-AFF36D6C7040} - {86529161-034E-4F8A-88D2-3C625E612E04} - c:\program files\winhttrack\WinHTTrackIEBar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1263530833636
DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - hxxp://mediaplayer.walmart.com/installer/install.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\robert~1\applic~1\mozilla\firefox\profiles\1ie5u3vs.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage -
FF - component: c:\documents and settings\robert weil\application data\mozilla\firefox\profiles\1ie5u3vs.default\extensions\{0b457caa-602d-484a-8fe7-c1d894a011ba}\platform\winnt_x86-msvc\components\SSSLauncher.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\tabletplugins\npwacom.dll
.
============= SERVICES / DRIVERS ===============
.
R? AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? IKFileSec;File Security Driver
R? IKSysFlt;System Filter Driver
R? IKSysSec;System Security Driver
R? Lavasoft Kernexplorer;Lavasoft helper driver
R? Mdno50;Mdno50
R? SASENUM;SASENUM
R? scsiscan;SCSI Scanner Driver
R? sdAuxService;PC Tools Auxiliary Service
R? sdCoreService;PC Tools Security Service
R? SWVNIC;SonicWALL Virtual Miniport
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? aawservice;Ad-Aware 2007 Service
S? Lbd;Lbd
S? nlsX86cc;Nalpeiron Licensing Service
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
S? sbmount;StorageCraft Image Mount Driver
S? ShadowProtectSvc;ShadowProtect Service
S? stcvsm;stcvsm
S? StorageCraft Image Manager;StorageCraft Image Manager
S? SWGVCSvc;SonicWALL Global VPN Client Service
S? SWIPsec;SonicWALL IPsec Driver
S? TabletServicePen;TabletServicePen
S? TabletServiceWacom;TabletServiceWacom
S? thdudf;TOSHIBA UDF2.5 Reader File System Driver
S? VSNAPVSS;StorageCraft Shadow Copy Provider
S? WebrootSpySweeperService;Webroot Spy Sweeper Engine
S? WRkrn;WRkrn
S? WRSVC;WRSVC
S? WTouchService;WTouch Service
.
=============== Created Last 30 ================
.
2011-10-16 04:09:32 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files
2011-10-16 03:02:45 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2011-10-15 20:04:11 140760 ----a-w- c:\windows\system32\WRusr.dll
2011-10-15 20:04:10 106312 ----a-w- c:\windows\system32\drivers\WRkrn.sys
2011-10-15 20:03:58 -------- d-----w- c:\docume~1\alluse~1\applic~1\WRData
.
==================== Find3M ====================
.
2011-10-16 04:19:01 90112 ----a-w- c:\windows\DUMP9f1e.tmp
2011-10-16 04:17:15 90112 ----a-w- c:\windows\DUMPadd4.tmp
2006-05-03 19:06:54 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 20:47:16 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 22:30:52 216064 --sha-r- c:\windows\system32\nbDX.dll
.
============= FINISH: 20:01:53.35 ===============

Thanks in advance for any help or advice you can provide.

Bob W.


#2 nasdaq

  • Malware Response Team
  • 38,926 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 21 October 2011 - 01:14 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) ( 511KB ) to your desktop. Double click the aswMBR.exe to run it

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Please post the logs for my review.

#3 SoCalBob55

  • Topic Starter

  • Members
  • 89 posts

Posted 21 October 2011 - 10:22 PM

Attached File: aswMBR.txt (1.2KB)

Attached are the log files requested.

Here is the TDSS log - it initially didn't find anything, until I selected Change Parameters and checked the boxes for Verify Drive Signatures and Detect TDLFS File System.

19:05:02.0062 4332 TDSS rootkit removing tool 2.6.12.0 Oct 21 2011 11:23:48
19:05:03.0343 4332 ============================================================
19:05:03.0343 4332 Current date / time: 2011/10/21 19:05:03.0343
19:05:03.0343 4332 SystemInfo:
19:05:03.0359 4332
19:05:03.0359 4332 OS Version: 5.1.2600 ServicePack: 2.0
19:05:03.0359 4332 Product type: Workstation
19:05:03.0359 4332 ComputerName: BOBSLAPTOP
19:05:03.0375 4332 UserName: Robert Weil
19:05:03.0375 4332 Windows directory: C:\WINDOWS
19:05:03.0375 4332 System windows directory: C:\WINDOWS
19:05:03.0375 4332 Processor architecture: Intel x86
19:05:03.0375 4332 Number of processors: 2
19:05:03.0375 4332 Page size: 0x1000
19:05:03.0375 4332 Boot type: Normal boot
19:05:03.0375 4332 ============================================================
19:05:17.0656 4332 Initialize success
19:05:23.0296 5960 ============================================================
19:05:23.0296 5960 Scan started
19:05:23.0296 5960 Mode: Manual;
19:05:23.0312 5960 ============================================================
19:06:01.0593 5960 NdisIP - ok
19:06:01.0750 5960 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:06:01.0859 5960 NdisTapi - ok
19:06:02.0000 5960 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:06:02.0046 5960 Ndisuio - ok
19:06:02.0312 5960 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:06:02.0375 5960 NdisWan - ok
19:06:02.0609 5960 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
19:06:02.0640 5960 NDProxy - ok
19:06:02.0859 5960 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:06:02.0906 5960 NetBIOS - ok
19:06:03.0109 5960 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:06:03.0187 5960 NetBT - ok
19:06:03.0812 5960 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:06:03.0906 5960 NIC1394 - ok
19:06:04.0156 5960 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
19:06:04.0171 5960 Npfs - ok
19:06:04.0484 5960 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
19:06:04.0671 5960 Ntfs - ok
19:06:04.0984 5960 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:06:05.0062 5960 Null - ok
19:06:05.0375 5960 nv (88d8f8d4c3243e0bb0ed57496868e52e) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:06:05.0593 5960 nv - ok
19:06:05.0968 5960 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:06:06.0015 5960 NwlnkFlt - ok
19:06:06.0140 5960 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:06:06.0171 5960 NwlnkFwd - ok
19:06:06.0343 5960 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:06:06.0406 5960 ohci1394 - ok
19:06:06.0734 5960 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\drivers\Parport.sys
19:06:06.0781 5960 Parport - ok
19:06:06.0937 5960 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
19:06:07.0046 5960 PartMgr - ok
19:06:07.0187 5960 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
19:06:07.0265 5960 ParVdm - ok
19:06:07.0546 5960 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
19:06:07.0609 5960 PCI - ok
19:06:07.0734 5960 PCIDump - ok
19:06:07.0921 5960 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:06:08.0000 5960 PCIIde - ok
19:06:08.0140 5960 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
19:06:08.0187 5960 Pcmcia - ok
19:06:08.0390 5960 PDCOMP - ok
19:06:08.0625 5960 PDFRAME - ok
19:06:08.0734 5960 PDRELI - ok
19:06:08.0906 5960 PDRFRAME - ok
19:06:09.0109 5960 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
19:06:09.0156 5960 perc2 - ok
19:06:09.0328 5960 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
19:06:09.0421 5960 perc2hib - ok
19:06:09.0921 5960 pfc (6c1618a07b49e3873582b6449e744088) C:\WINDOWS\system32\drivers\pfc.sys
19:06:10.0000 5960 pfc - ok
19:06:10.0296 5960 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:06:10.0375 5960 PptpMiniport - ok
19:06:10.0453 5960 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
19:06:10.0484 5960 PSched - ok
19:06:10.0500 5960 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:06:10.0578 5960 Ptilink - ok
19:06:10.0734 5960 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:06:10.0781 5960 PxHelp20 - ok
19:06:10.0843 5960 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
19:06:10.0921 5960 ql1080 - ok
19:06:11.0218 5960 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
19:06:11.0265 5960 Ql10wnt - ok
19:06:11.0421 5960 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
19:06:11.0500 5960 ql12160 - ok
19:06:11.0656 5960 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
19:06:11.0750 5960 ql1240 - ok
19:06:11.0796 5960 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
19:06:11.0890 5960 ql1280 - ok
19:06:11.0984 5960 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:06:12.0062 5960 RasAcd - ok
19:06:12.0421 5960 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:06:12.0500 5960 Rasl2tp - ok
19:06:12.0781 5960 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:06:12.0843 5960 RasPppoe - ok
19:06:12.0984 5960 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:06:13.0046 5960 Raspti - ok
19:06:13.0187 5960 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:06:13.0296 5960 Rdbss - ok
19:06:13.0328 5960 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:06:13.0359 5960 RDPCDD - ok
19:06:13.0531 5960 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:06:13.0593 5960 rdpdr - ok
19:06:13.0781 5960 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys
19:06:13.0875 5960 RDPWD - ok
19:06:14.0015 5960 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:06:14.0078 5960 redbook - ok
19:06:14.0546 5960 RMCAST (35e81b908ae4e97fc7bdf4607c516ff4) C:\WINDOWS\system32\drivers\RMCast.sys
19:06:14.0578 5960 RMCAST - ok
19:06:14.0890 5960 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
19:06:15.0015 5960 rtl8139 - ok
19:06:15.0203 5960 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) E:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
19:06:15.0203 5960 SASDIFSV - ok
19:06:15.0234 5960 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) E:\Program Files\SUPERAntiSpyware\SASENUM.SYS
19:06:15.0265 5960 SASENUM - ok
19:06:15.0296 5960 SASKUTIL (61db0d0756a99506207fd724e3692b25) E:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
19:06:15.0343 5960 SASKUTIL - ok
19:06:15.0703 5960 sbmount (05fc20f1b2eec9c5bbe3d78c834dfa56) C:\WINDOWS\system32\drivers\sbmount.sys
19:06:15.0781 5960 sbmount - ok
19:06:16.0015 5960 sbp2port (3e2c3b180872be4120f246d85560b734) C:\WINDOWS\system32\DRIVERS\sbp2port.sys
19:06:16.0093 5960 sbp2port - ok
19:06:16.0421 5960 scsiscan (4acfb25ecc8dd21707f747b28216cea1) C:\WINDOWS\system32\DRIVERS\scsiscan.sys
19:06:16.0468 5960 scsiscan - ok
19:06:16.0734 5960 sdbus (02fc71b020ec8700ee8a46c58bc6f276) C:\WINDOWS\system32\DRIVERS\sdbus.sys
19:06:16.0781 5960 sdbus - ok
19:06:16.0875 5960 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:06:16.0953 5960 Secdrv - ok
19:06:17.0390 5960 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\drivers\Serial.sys
19:06:17.0484 5960 Serial - ok
19:06:18.0125 5960 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
19:06:18.0234 5960 Sfloppy - ok
19:06:18.0718 5960 Simbad - ok
19:06:18.0937 5960 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\system32\DRIVERS\sisagp.sys
19:06:19.0031 5960 sisagp - ok
19:06:19.0171 5960 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:06:19.0234 5960 SLIP - ok
19:06:19.0562 5960 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
19:06:19.0625 5960 Sparrow - ok
19:06:19.0734 5960 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
19:06:19.0796 5960 splitter - ok
19:06:19.0984 5960 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
19:06:20.0078 5960 sr - ok
19:06:20.0593 5960 Srv (20b7e396720353e4117d64d9dcb926ca) C:\WINDOWS\system32\DRIVERS\srv.sys
19:06:20.0656 5960 Srv - ok
19:06:20.0812 5960 SSFS0BB9 (d3ad8d2e550b262694b024d1eb1efffc) C:\WINDOWS\system32\Drivers\SSFS0BB9.SYS
19:06:20.0859 5960 SSFS0BB9 - ok
19:06:21.0062 5960 SSHRMD (4d0e7a4befad963d3aecfac12fdeff16) C:\WINDOWS\system32\Drivers\SSHRMD.SYS
19:06:21.0140 5960 SSHRMD - ok
19:06:21.0328 5960 SSIDRV (43eeddc9b9b8accdb4a914ba893c73de) C:\WINDOWS\system32\Drivers\SSIDRV.SYS
19:06:21.0375 5960 SSIDRV - ok
19:06:21.0453 5960 SSKBFD (8564bc9598be1705477b7fa61d657c2b) C:\WINDOWS\system32\Drivers\sskbfd.sys
19:06:21.0531 5960 SSKBFD - ok
19:06:21.0687 5960 stcvsm (cfcee4a194278d2f3c2ff53d0355eda4) C:\WINDOWS\system32\drivers\stcvsm.sys
19:06:21.0734 5960 stcvsm - ok
19:06:22.0000 5960 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:06:22.0046 5960 streamip - ok
19:06:22.0234 5960 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:06:22.0359 5960 swenum - ok
19:06:22.0625 5960 SWIPsec (ebd83e322b4eb50f6a1d8d7b42d3745e) C:\WINDOWS\system32\Drivers\SWIPsec.sys
19:06:22.0671 5960 SWIPsec - ok
19:06:22.0750 5960 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
19:06:22.0812 5960 swmidi - ok
19:06:23.0031 5960 SWVNIC (962b13026b10b82d2874bfda4ecc048d) C:\WINDOWS\system32\DRIVERS\swvnic.sys
19:06:23.0125 5960 SWVNIC - ok
19:06:23.0296 5960 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
19:06:23.0359 5960 symc810 - ok
19:06:23.0500 5960 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
19:06:23.0578 5960 symc8xx - ok
19:06:23.0781 5960 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
19:06:23.0828 5960 sym_hi - ok
19:06:24.0046 5960 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
19:06:24.0093 5960 sym_u3 - ok
19:06:24.0218 5960 SynTP (c9a1785cc0d7a040dd0fdbfeaa8be135) C:\WINDOWS\system32\DRIVERS\SynTP.sys
19:06:24.0281 5960 SynTP - ok
19:06:24.0406 5960 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
19:06:24.0468 5960 sysaudio - ok
19:06:24.0750 5960 Tcpip (9f4b36614a0fc234525ba224957de55c) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:06:24.0859 5960 Tcpip - ok
19:06:24.0890 5960 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:06:24.0921 5960 TDPIPE - ok
19:06:25.0125 5960 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
19:06:25.0203 5960 TDTCP - ok
19:06:25.0406 5960 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:06:25.0468 5960 TermDD - ok
19:06:25.0687 5960 thdudf (9d4bbd6e27b5562aea8295de7134e386) C:\WINDOWS\system32\DRIVERS\thdudf.sys
19:06:25.0781 5960 thdudf - ok
19:06:26.0109 5960 tifm21 (9179e07503630d6fb2e4162ff0196191) C:\WINDOWS\system32\drivers\tifm21.sys
19:06:26.0187 5960 tifm21 - ok
19:06:26.0375 5960 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
19:06:26.0437 5960 TosIde - ok
19:06:26.0750 5960 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
19:06:26.0843 5960 Udfs - ok
19:06:26.0890 5960 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
19:06:27.0000 5960 ultra - ok
19:06:27.0312 5960 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
19:06:27.0375 5960 Update - ok
19:06:27.0718 5960 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys
19:06:27.0781 5960 USBAAPL - ok
19:06:27.0906 5960 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:06:27.0984 5960 usbccgp - ok
19:06:28.0156 5960 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:06:28.0281 5960 usbehci - ok
19:06:28.0453 5960 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:06:28.0515 5960 usbhub - ok
19:06:28.0656 5960 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:06:28.0718 5960 usbprint - ok
19:06:28.0921 5960 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:06:29.0015 5960 usbscan - ok
19:06:29.0171 5960 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:06:29.0234 5960 USBSTOR - ok
19:06:29.0437 5960 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:06:29.0484 5960 usbuhci - ok
19:06:29.0718 5960 usb_rndisx (ae4df3b7d1db9373b08db4ed224e26b6) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
19:06:29.0781 5960 usb_rndisx - ok
19:06:29.0859 5960 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
19:06:29.0968 5960 VgaSave - ok
19:06:30.0156 5960 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys
19:06:30.0234 5960 viaagp - ok
19:06:30.0390 5960 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
19:06:30.0468 5960 ViaIde - ok
19:06:30.0609 5960 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
19:06:30.0703 5960 VolSnap - ok
19:06:31.0234 5960 w39n51 (4e7b07653f4f9937cf62ad2869fba520) C:\WINDOWS\system32\DRIVERS\w39n51.sys
19:06:31.0421 5960 w39n51 - ok
19:06:31.0468 5960 wacommousefilter (427a8bc96f16c40df81c2d2f4edd32dd) C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
19:06:31.0500 5960 wacommousefilter - ok
19:06:31.0640 5960 wacomvhid (51d580f30d1a1f2ea4965af6abc2bcb2) C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
19:06:31.0750 5960 wacomvhid - ok
19:06:31.0875 5960 WacomVKHid (889459833432b161cb99cfdf84a1a9bb) C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys
19:06:31.0968 5960 WacomVKHid - ok
19:06:32.0140 5960 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:06:32.0234 5960 Wanarp - ok
19:06:32.0406 5960 WDICA - ok
19:06:32.0593 5960 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
19:06:32.0671 5960 wdmaud - ok
19:06:32.0921 5960 winachsf (214bc3ad84907ad6ad655ac5465f449a) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
19:06:33.0000 5960 winachsf - ok
19:06:34.0031 5960 WmiAcpi (ae2c8544e747c20062db27456ea2d67a) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
19:06:34.0109 5960 WmiAcpi - ok
19:06:34.0640 5960 WRkrn (39c65c25d921860197577e77e700882b) C:\WINDOWS\system32\drivers\WRkrn.sys
19:06:34.0703 5960 WRkrn - ok
19:06:35.0000 5960 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:06:35.0093 5960 WSTCODEC - ok
19:06:35.0375 5960 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:06:35.0406 5960 WudfPf - ok
19:06:35.0593 5960 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:06:35.0671 5960 WudfRd - ok
19:06:36.0328 5960 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:06:36.0546 5960 \Device\Harddisk0\DR0 - ok
19:06:36.0656 5960 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR5
19:06:36.0671 5960 \Device\Harddisk1\DR5 - ok
19:06:36.0765 5960 MBR (0x1B8) (8ff255184f078c9c04e6a2ce66117c5c) \Device\Harddisk6\DR10
19:06:36.0921 5960 \Device\Harddisk6\DR10 - ok
19:06:36.0937 5960 Boot (0x1200) (9de4878c76370a6dc185589fbe43eabf) \Device\Harddisk0\DR0\Partition0
19:06:36.0937 5960 \Device\Harddisk0\DR0\Partition0 - ok
19:06:37.0093 5960 Boot (0x1200) (b1e27aa018409de6bfd73f8afb883a65) \Device\Harddisk0\DR0\Partition1
19:06:37.0093 5960 \Device\Harddisk0\DR0\Partition1 - ok
19:06:37.0218 5960 Boot (0x1200) (747218f723c7a375907a7f5c40e6c644) \Device\Harddisk0\DR0\Partition2
19:06:37.0218 5960 \Device\Harddisk0\DR0\Partition2 - ok
19:06:37.0296 5960 Boot (0x1200) (ee3dc49bbc7bdfb67117d318e9b51aa1) \Device\Harddisk1\DR5\Partition0
19:06:37.0296 5960 \Device\Harddisk1\DR5\Partition0 - ok
19:06:37.0484 5960 Boot (0x1200) (4cf23a182751d64892cb75312cf254f2) \Device\Harddisk6\DR10\Partition0
19:06:37.0484 5960 \Device\Harddisk6\DR10\Partition0 - ok
19:06:37.0484 5960 ============================================================
19:06:37.0484 5960 Scan finished
19:06:37.0484 5960 ============================================================
19:06:37.0687 4152 Detected object count: 0
19:06:37.0687 4152 Actual detected object count: 0
19:07:29.0437 4164 ============================================================
19:07:29.0437 4164 Scan started
19:07:29.0437 4164 Mode: Manual; SigCheck; TDLFS;
19:07:29.0437 4164 ============================================================
19:07:31.0312 4164 61883 (86d7b1e70661d754685b9ac6d749aae5) C:\WINDOWS\system32\DRIVERS\61883.sys
19:07:39.0531 4164 61883 - ok
19:07:39.0750 4164 Abiosdsk - ok
19:07:39.0796 4164 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
19:07:42.0484 4164 abp480n5 - ok
19:07:42.0656 4164 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:07:46.0031 4164 ACPI - ok
19:07:46.0203 4164 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
19:07:49.0796 4164 ACPIEC - ok
19:07:50.0437 4164 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
19:07:54.0375 4164 adpu160m - ok
19:07:54.0656 4164 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
19:07:59.0609 4164 aec - ok
19:07:59.0984 4164 AFD (5ac495f4cb807b2b98ad2ad591e6d92e) C:\WINDOWS\System32\drivers\afd.sys
19:08:04.0609 4164 AFD - ok
19:08:04.0843 4164 AFS2K - ok
19:08:04.0953 4164 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
19:08:09.0406 4164 agp440 - ok
19:08:09.0609 4164 agpCPQ (67288b07d6aba6c1267b626e67bc56fd) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
19:08:13.0500 4164 agpCPQ - ok
19:08:13.0703 4164 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
19:08:16.0781 4164 Aha154x - ok
19:08:16.0937 4164 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
19:08:20.0437 4164 aic78u2 - ok
19:08:20.0578 4164 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
19:08:25.0093 4164 aic78xx - ok
19:08:25.0421 4164 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
19:08:30.0203 4164 AliIde - ok
19:08:30.0375 4164 alim1541 (f312b7cef21eff52fa23056b9d815fad) C:\WINDOWS\system32\DRIVERS\alim1541.sys
19:08:34.0906 4164 alim1541 - ok
19:08:35.0046 4164 amdagp (675c16a3c1f8482f85ee4a97fc0dde3d) C:\WINDOWS\system32\DRIVERS\amdagp.sys
19:08:39.0359 4164 amdagp - ok
19:08:39.0546 4164 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
19:08:42.0593 4164 amsint - ok
19:08:42.0859 4164 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
19:08:47.0203 4164 Arp1394 - ok
19:08:47.0359 4164 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
19:08:51.0656 4164 asc - ok
19:08:51.0875 4164 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
19:08:54.0859 4164 asc3350p - ok
19:08:55.0234 4164 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
19:08:59.0718 4164 asc3550 - ok
19:09:00.0015 4164 Aspi32 (5b01af89d16d562825c4db4530f20cbb) C:\WINDOWS\system32\drivers\Aspi32.sys
19:09:00.0328 4164 Aspi32 ( UnsignedFile.Multi.Generic ) - warning
19:09:00.0328 4164 Aspi32 - detected UnsignedFile.Multi.Generic (1)
19:09:00.0687 4164 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:09:05.0046 4164 AsyncMac - ok
19:09:05.0171 4164 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:09:09.0593 4164 atapi - ok
19:09:09.0781 4164 Atdisk - ok
19:09:10.0000 4164 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:09:14.0343 4164 Atmarpc - ok
19:09:14.0890 4164 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:09:19.0187 4164 audstub - ok
19:09:19.0312 4164 Avc (87c223adb8f7596b31caae3c67b16ddd) C:\WINDOWS\system32\DRIVERS\avc.sys
19:09:23.0156 4164 Avc - ok
19:09:23.0421 4164 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:09:26.0750 4164 Beep - ok
19:09:27.0265 4164 BTKRNL (5c3807e7768023a1229c73296758a361) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
19:09:27.0562 4164 BTKRNL ( UnsignedFile.Multi.Generic ) - warning
19:09:27.0562 4164 BTKRNL - detected UnsignedFile.Multi.Generic (1)
19:09:27.0796 4164 BTWUSB (7024e11dab9410b31a37547575249dd7) C:\WINDOWS\system32\Drivers\btwusb.sys
19:09:28.0046 4164 BTWUSB ( UnsignedFile.Multi.Generic ) - warning
19:09:28.0046 4164 BTWUSB - detected UnsignedFile.Multi.Generic (1)
19:09:28.0312 4164 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
19:09:31.0843 4164 cbidf - ok
19:09:32.0062 4164 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:09:35.0734 4164 cbidf2k - ok
19:09:35.0953 4164 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:09:39.0890 4164 CCDECODE - ok
19:09:40.0000 4164 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
19:09:42.0890 4164 cd20xrnt - ok
19:09:43.0093 4164 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:09:46.0687 4164 Cdaudio - ok
19:09:46.0812 4164 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
19:09:51.0015 4164 Cdfs - ok
19:09:51.0203 4164 Cdr4_xp (c3e76b0c05ebf7261abfb08d9e75822e) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
19:09:52.0875 4164 Cdr4_xp - ok
19:09:53.0000 4164 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:09:56.0765 4164 Cdrom - ok
19:09:56.0937 4164 Changer - ok
19:09:57.0437 4164 CmBatt (4266be808f85826aedf3c64c1e240203) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
19:10:01.0953 4164 CmBatt - ok
19:10:02.0140 4164 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
19:10:06.0421 4164 CmdIde - ok
19:10:06.0546 4164 Compbatt (df1b1a24bf52d0ebc01ed4ece8979f50) C:\WINDOWS\system32\DRIVERS\compbatt.sys
19:10:11.0000 4164 Compbatt - ok
19:10:11.0609 4164 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
19:10:15.0500 4164 Cpqarray - ok
19:10:15.0859 4164 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
19:10:20.0703 4164 dac2w2k - ok
19:10:20.0843 4164 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
19:10:25.0078 4164 dac960nt - ok
19:10:25.0484 4164 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
19:10:30.0125 4164 Disk - ok
19:10:30.0312 4164 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
19:10:34.0906 4164 dmboot - ok
19:10:35.0203 4164 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
19:10:39.0921 4164 dmio - ok
19:10:40.0062 4164 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:10:44.0781 4164 dmload - ok
19:10:44.0953 4164 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
19:10:49.0687 4164 DMusic - ok
19:10:49.0875 4164 DNE (b5aa5aa5ac327bd7c1aec0c58f0c1144) C:\WINDOWS\system32\DRIVERS\dne2000.sys
19:10:50.0265 4164 DNE - ok
19:10:50.0625 4164 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
19:10:54.0859 4164 dpti2o - ok
19:10:55.0156 4164 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
19:10:59.0515 4164 drmkaud - ok
19:10:59.0703 4164 dvd43llh (1fc1eed3ea0c3a0ecf8a95b97e1b4831) C:\WINDOWS\system32\DRIVERS\dvd43llh.sys
19:10:59.0968 4164 dvd43llh ( UnsignedFile.Multi.Generic ) - warning
19:10:59.0968 4164 dvd43llh - detected UnsignedFile.Multi.Generic (1)
19:11:00.0078 4164 E100B (6ca101f9aa3d845ba31f6e13c01301a8) C:\WINDOWS\system32\DRIVERS\e100b325.sys
19:11:00.0734 4164 E100B - ok
19:11:00.0859 4164 eabfiltr (b5cb3084046146fd2587d8c9b219feb4) C:\WINDOWS\system32\DRIVERS\eabfiltr.sys
19:11:01.0312 4164 eabfiltr - ok
19:11:01.0578 4164 eabusb (231f4547ae1e4b3e60eca66c3a96d218) C:\WINDOWS\system32\DRIVERS\eabusb.sys
19:11:02.0125 4164 eabusb - ok
19:11:02.0890 4164 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
19:11:07.0546 4164 Fastfat - ok
19:11:07.0703 4164 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\drivers\Fdc.sys
19:11:11.0562 4164 Fdc - ok
19:11:11.0750 4164 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
19:11:16.0140 4164 Fips - ok
19:11:16.0343 4164 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\drivers\Flpydisk.sys
19:11:21.0796 4164 Flpydisk - ok
19:11:21.0953 4164 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
19:11:26.0687 4164 FltMgr - ok
19:11:26.0921 4164 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:11:31.0421 4164 Fs_Rec - ok
19:11:31.0640 4164 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:11:35.0937 4164 Ftdisk - ok
19:11:36.0234 4164 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
19:11:36.0609 4164 GEARAspiWDM - ok
19:11:36.0796 4164 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:11:41.0328 4164 Gpc - ok
19:11:41.0531 4164 HBtnKey (4d4d97671c63c3af869b3518e6054204) C:\WINDOWS\system32\DRIVERS\cpqbttn.sys
19:11:42.0062 4164 HBtnKey - ok
19:11:42.0156 4164 HdAudAddService (bb42bb78bbbc1e83292ef26973598daf) C:\WINDOWS\system32\drivers\CHDAud.sys
19:11:42.0828 4164 HdAudAddService - ok
19:11:42.0984 4164 HDAudBus (3fcc124b6e08ee0e9351f717dd136939) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:11:43.0625 4164 HDAudBus - ok
19:11:43.0953 4164 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:11:48.0656 4164 HidUsb - ok
19:11:48.0796 4164 HPFXBULK (299683d4c8aaa3f6f5d5d226a1782a6e) C:\WINDOWS\system32\drivers\hpfxbulk.sys
19:11:49.0187 4164 HPFXBULK - ok
19:11:49.0328 4164 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
19:11:54.0453 4164 hpn - ok
19:11:54.0687 4164 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:11:55.0593 4164 HPZid412 - ok
19:11:55.0734 4164 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:11:56.0515 4164 HPZipr12 - ok
19:11:56.0640 4164 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:11:57.0375 4164 HPZius12 - ok
19:11:57.0656 4164 HSFHWAZL (89e256c5f5346be265d9f86ac8625d4f) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
19:11:58.0312 4164 HSFHWAZL - ok
19:11:58.0578 4164 HSF_DPV (0e44af3828111d4c3e73c33ac95226d8) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
19:11:59.0421 4164 HSF_DPV - ok
19:11:59.0656 4164 HTTP (c19b522a9ae0bbc3293397f3055e80a1) C:\WINDOWS\system32\Drivers\HTTP.sys
19:12:04.0250 4164 HTTP - ok
19:12:04.0593 4164 i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys
19:12:08.0812 4164 i2omgmt - ok
19:12:08.0953 4164 i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\system32\DRIVERS\i2omp.sys
19:12:13.0750 4164 i2omp - ok
19:12:13.0921 4164 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:12:19.0156 4164 i8042prt - ok
19:12:19.0468 4164 iaStor (309c4d86d989fb1fcf64bd30dc81c51b) C:\WINDOWS\system32\DRIVERS\iaStor.sys
19:12:20.0140 4164 iaStor - ok
19:12:20.0484 4164 IKFileSec (ff9f262494fc23d77a6148d49d87d2de) C:\WINDOWS\system32\drivers\ikfilesec.sys
19:12:20.0968 4164 IKFileSec - ok
19:12:21.0234 4164 IKSysFlt (7e359671fd9595ecb1b0a33fb4184b19) C:\WINDOWS\system32\drivers\iksysflt.sys
19:12:21.0640 4164 IKSysFlt - ok
19:13:34.0187 4164 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
19:13:34.0625 4164 MarvinBus ( UnsignedFile.Multi.Generic ) - warning
19:13:34.0640 4164 MarvinBus - detected UnsignedFile.Multi.Generic (1)
19:17:00.0281 4164 pfc (6c1618a07b49e3873582b6449e744088) C:\WINDOWS\system32\drivers\pfc.sys
19:17:00.0531 4164 pfc ( UnsignedFile.Multi.Generic ) - warning
19:17:00.0531 4164 pfc - detected UnsignedFile.Multi.Generic (1)
19:20:31.0625 4164 thdudf (9d4bbd6e27b5562aea8295de7134e386) C:\WINDOWS\system32\DRIVERS\thdudf.sys
19:20:31.0937 4164 thdudf ( UnsignedFile.Multi.Generic ) - warning
19:20:31.0953 4164 thdudf - detected UnsignedFile.Multi.Generic (1)
19:22:38.0625 4164 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:22:38.0890 4164 \Device\Harddisk0\DR0 - ok
19:22:47.0093 4164 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR5
19:22:47.0265 4164 \Device\Harddisk1\DR5 - ok
19:22:52.0687 4164 MBR (0x1B8) (8ff255184f078c9c04e6a2ce66117c5c) \Device\Harddisk6\DR10
19:22:52.0828 4164 \Device\Harddisk6\DR10 - ok
19:22:52.0968 4164 Boot (0x1200) (9de4878c76370a6dc185589fbe43eabf) \Device\Harddisk0\DR0\Partition0
19:22:52.0968 4164 \Device\Harddisk0\DR0\Partition0 - ok
19:22:53.0062 4164 Boot (0x1200) (b1e27aa018409de6bfd73f8afb883a65) \Device\Harddisk0\DR0\Partition1
19:22:53.0062 4164 \Device\Harddisk0\DR0\Partition1 - ok
19:22:53.0156 4164 Boot (0x1200) (747218f723c7a375907a7f5c40e6c644) \Device\Harddisk0\DR0\Partition2
19:22:53.0187 4164 \Device\Harddisk0\DR0\Partition2 - ok
19:22:53.0281 4164 Boot (0x1200) (ee3dc49bbc7bdfb67117d318e9b51aa1) \Device\Harddisk1\DR5\Partition0
19:22:53.0281 4164 \Device\Harddisk1\DR5\Partition0 - ok
19:22:53.0421 4164 Boot (0x1200) (4cf23a182751d64892cb75312cf254f2) \Device\Harddisk6\DR10\Partition0
19:22:53.0437 4164 \Device\Harddisk6\DR10\Partition0 - ok
19:22:53.0453 4164 ============================================================
19:22:53.0453 4164 Scan finished
19:22:53.0453 4164 ============================================================
19:22:53.0781 5052 Detected object count: 7
19:22:53.0781 5052 Actual detected object count: 7
19:24:43.0796 5052 Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
19:24:43.0796 5052 Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:24:43.0812 5052 BTKRNL ( UnsignedFile.Multi.Generic ) - skipped by user
19:24:43.0812 5052 BTKRNL ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:24:43.0812 5052 BTWUSB ( UnsignedFile.Multi.Generic ) - skipped by user
19:24:43.0812 5052 BTWUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:24:43.0843 5052 dvd43llh ( UnsignedFile.Multi.Generic ) - skipped by user
19:24:43.0843 5052 dvd43llh ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:24:43.0937 5052 MarvinBus ( UnsignedFile.Multi.Generic ) - skipped by user
19:24:43.0937 5052 MarvinBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:24:43.0968 5052 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
19:24:43.0968 5052 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:24:44.0000 5052 thdudf ( UnsignedFile.Multi.Generic ) - skipped by user
19:24:44.0000 5052 thdudf ( UnsignedFile.Multi.Generic ) - User select action: Skip


#4 SoCalBob55

Posted 22 October 2011 - 09:11 AM

I should add (referring to the TDSSKiller results) that DVD43llh is probably a dll for the small TSR application I've had for several years that defeats DVD copy protection.

#5 nasdaq

Posted 22 October 2011 - 09:34 AM

Please download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your Anti-Virus and Anti-Spyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • Some Rootkit infections may damage your boot sector. The Windows Recovery Console may be needed to restore it. Do not bypass this installation. You may regret it.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Note: If you have difficulty properly disabling your protection programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Do not mouse click ComboFix's window while it's running. That may cause it to stall.

#6 SoCalBob55

Posted 22 October 2011 - 07:39 PM

Here's the ComboFix log. No improvement in performance at all.

ComboFix 11-10-21.06 - Robert Weil 10/22/2011 10:23:59.1.2 - x86
Running from: c:\documents and settings\Robert Weil\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Robert Weil\g2mdlhlpx.exe
c:\documents and settings\Robert Weil\Local Settings\Application Data\Identities\{55508DB7-8BDC-4144-A7FA-E7384E153079}\Microsoft\Outlook Express\skyline_flash_3d.exe
c:\documents and settings\Robert Weil\My Documents\ZDS26556.TMP
c:\documents and settings\Robert Weil\WINDOWS
c:\documents and settings\Robert Weil\WINDOWS\inifile.upd
c:\documents and settings\Robert Weil\WINDOWS\QTFont.for
c:\documents and settings\Robert Weil\WINDOWS\QTFont.qfn
c:\documents and settings\Robert Weil\WINDOWS\system.ini
c:\documents and settings\Robert Weil\WINDOWS\win.ini
c:\windows\system32\svcd
I:\autorun.inf
I:\Setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-09-22 to 2011-10-22 )))))))))))))))))))))))))))))))
.
.
2011-10-16 04:09 . 2011-10-16 04:09 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2011-10-16 03:02 . 2011-10-17 01:19 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2011-10-15 20:04 . 2011-10-20 07:55 140760 ----a-w- c:\windows\system32\WRusr.dll
2011-10-15 20:04 . 2011-10-20 07:55 106312 ----a-w- c:\windows\system32\drivers\WRkrn.sys
2011-10-15 20:03 . 2011-10-22 10:05 -------- d-----w- c:\documents and settings\All Users\Application Data\WRData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-16 04:19 . 2007-10-27 19:03 90112 ----a-w- c:\windows\DUMP9f1e.tmp
2011-10-16 04:17 . 2007-10-27 19:03 90112 ----a-w- c:\windows\DUMPadd4.tmp
2011-09-13 13:30 . 2011-09-13 13:30 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-09-01 00:00 . 2011-03-26 02:36 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-08 13:08 . 2011-08-08 13:08 40016 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2011-10-16 03:22 . 2011-04-26 00:52 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 19:06 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 20:47 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 22:30 216064 --sha-r- c:\windows\system32\nbDX.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2006-02-28 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\cryptsvc.dll
.
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\es.dll
[7] 2006-02-28 12:00 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\system32\es.dll
[7] 2006-02-28 12:00 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\system32\dllcache\es.dll
.
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\imm32.dll
[7] 2006-02-28 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll
[7] 2006-02-28 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\imm32.dll
.
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\kernel32.dll
[7] 2006-02-28 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\system32\kernel32.dll
.
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\linkinfo.dll
[7] 2006-02-28 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\linkinfo.dll
[7] 2006-02-28 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\linkinfo.dll
.
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\lpk.dll
[7] 2006-02-28 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll
[7] 2006-02-28 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\lpk.dll
.
[-] 2009-12-22 . BD1365D9400C3DB84D76AE77318E1A8D . 3063808 . . [6.00.2900.3660] . . c:\windows\SoftwareDistribution\Download\7bee2af2f3f9f266d2aabdd735f7503c\sp2gdr\mshtml.dll
[-] 2009-12-22 . 5747867041C33E26DA5CC893C9532DB8 . 3071488 . . [6.00.2900.3660] . . c:\windows\SoftwareDistribution\Download\7bee2af2f3f9f266d2aabdd735f7503c\sp2qfe\mshtml.dll
[-] 2009-12-22 . A758F0891A87EE005848A0BC740A5B96 . 3071488 . . [6.00.2900.5921] . . c:\windows\SoftwareDistribution\Download\7bee2af2f3f9f266d2aabdd735f7503c\sp3gdr\mshtml.dll
[-] 2009-12-22 . AD17006339C1934D86449F335C241FF1 . 3073536 . . [6.00.2900.5921] . . c:\windows\SoftwareDistribution\Download\7bee2af2f3f9f266d2aabdd735f7503c\sp3qfe\mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\mshtml.dll
.
[-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\asms\70\msft\windows\mswincrt\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\msvcrt.dll
[7] 2006-02-28 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll
[7] 2006-02-28 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\system32\dllcache\msvcrt.dll
[7] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
.
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\mswsock.dll
[7] 2006-02-28 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\system32\mswsock.dll
[7] 2006-02-28 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\mswsock.dll
.
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll
[7] 2006-02-28 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\system32\netlogon.dll
[7] 2006-02-28 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\netlogon.dll
.
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\powrprof.dll
[7] 2006-02-28 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll
[7] 2006-02-28 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\powrprof.dll
.
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll
[7] 2006-02-28 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll
[7] 2006-02-28 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\scecli.dll
.
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sfc.dll
[7] 2006-02-28 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll
[7] 2006-02-28 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfc.dll
.
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\svchost.exe
[7] 2006-02-28 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe
[7] 2006-02-28 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\svchost.exe
.
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\tapisrv.dll
[7] 2006-02-28 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\system32\tapisrv.dll
[7] 2006-02-28 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\tapisrv.dll
.
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\user32.dll
[7] 2006-02-28 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\system32\user32.dll
[7] 2006-02-28 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\user32.dll
.
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\userinit.exe
[7] 2006-02-28 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe
[7] 2006-02-28 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\userinit.exe
.
[-] 2009-12-22 . A59054653A2DA13132BE377A650971C9 . 662016 . . [6.00.2900.3660] . . c:\windows\SoftwareDistribution\Download\7bee2af2f3f9f266d2aabdd735f7503c\sp2gdr\wininet.dll
[-] 2009-12-22 . 3E617A36A895363FBBE6D1D0405D7E12 . 668672 . . [6.00.2900.3660] . . c:\windows\SoftwareDistribution\Download\7bee2af2f3f9f266d2aabdd735f7503c\sp2qfe\wininet.dll
[-] 2009-12-22 . 814C265012ED921443C515A591D5BFE1 . 667136 . . [6.00.2900.5921] . . c:\windows\SoftwareDistribution\Download\7bee2af2f3f9f266d2aabdd735f7503c\sp3gdr\wininet.dll
[-] 2009-12-22 . BD27AF5C72D2FBFE491D3A3A8429B974 . 668672 . . [6.00.2900.5921] . . c:\windows\SoftwareDistribution\Download\7bee2af2f3f9f266d2aabdd735f7503c\sp3qfe\wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\wininet.dll
[7] 2006-02-28 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\system32\wininet.dll
.
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ws2_32.dll
[7] 2006-02-28 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll
[7] 2006-02-28 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ws2_32.dll
.
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ws2help.dll
[7] 2006-02-28 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\ws2help.dll
[7] 2006-02-28 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ws2help.dll
.
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\explorer.exe
[7] 2004-08-04 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\explorer.exe
[7] 2004-08-04 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\explorer.exe
.
[-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\regedit.exe
[7] 2004-08-04 . 783AFC80383C176B22DBF8333343992D . 146432 . . [5.1.2600.2180] . . c:\windows\regedit.exe
[7] 2004-08-04 . 783AFC80383C176B22DBF8333343992D . 146432 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\regedit.exe
.
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ole32.dll
[7] 2006-02-28 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . c:\windows\system32\ole32.dll
[7] 2006-02-28 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ole32.dll
[7] 2005-04-29 . 7440D29F257B7E44329343F944F2142C . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll
[7] 2005-01-14 . ABDEF60CED7C04AB35A415EFB6B96D81 . 1285120 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll
[7] 2005-01-14 . 2E752611C9A9AE1B6BFD0DA03CF7F17E . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll
[7] 2004-08-04 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll
.
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\usp10.dll
[7] 2006-02-28 . 2EB58F9DCD6AB320B46744A4EA48B2D2 . 406528 . . [1.0420.2600.2180] . . c:\windows\system32\usp10.dll
[7] 2006-02-28 . 2EB58F9DCD6AB320B46744A4EA48B2D2 . 406528 . . [1.0420.2600.2180] . . c:\windows\system32\dllcache\usp10.dll
.
[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ksuser.dll
[7] 2004-08-04 . CBCD254547689BFF80C9F547B20911E9 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ksuser.dll
[7] 2004-08-04 . CBCD254547689BFF80C9F547B20911E9 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\ksuser.dll
[7] 2004-08-04 . CBCD254547689BFF80C9F547B20911E9 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ReinstallBackups\0015\DriverFiles\i386\ksuser.dll
.
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\srsvc.dll
[7] 2006-02-28 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll
[7] 2006-02-28 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\srsvc.dll
[7] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB888402$\srsvc.dll
.
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\wscntfy.exe
[7] 2006-02-28 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe
[7] 2006-02-28 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\wscntfy.exe
.
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\xmlprov.dll
[7] 2006-02-28 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll
[7] 2006-02-28 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\xmlprov.dll
.
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\eventlog.dll
[7] 2006-02-28 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll
[7] 2006-02-28 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\eventlog.dll
.
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sfcfiles.dll
[7] 2006-02-28 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
[7] 2006-02-28 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfcfiles.dll
.
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ctfmon.exe
[7] 2006-02-28 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe
[7] 2006-02-28 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ctfmon.exe
.
[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\shsvcs.dll
[7] 2006-02-28 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\system32\shsvcs.dll
[7] 2006-02-28 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\shsvcs.dll
.
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\regsvc.dll
[7] 2006-02-28 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll
[7] 2006-02-28 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\regsvc.dll
.
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\schedsvc.dll
[7] 2006-02-28 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll
[7] 2006-02-28 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\schedsvc.dll
.
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ssdpsrv.dll
[7] 2006-02-28 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll
[7] 2006-02-28 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ssdpsrv.dll
.
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\termsrv.dll
[7] 2006-02-28 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\system32\termsrv.dll
[7] 2006-02-28 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\termsrv.dll
.
[-] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\hnetcfg.dll
[7] 2006-02-28 . 765B30C776A1780B46B479FE614F707C . 344064 . . [5.1.2600.2180] . . c:\windows\system32\hnetcfg.dll
[7] 2006-02-28 . 765B30C776A1780B46B479FE614F707C . 344064 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\hnetcfg.dll
.
[-] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\appmgmts.dll
[7] 2006-02-28 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll
[7] 2006-02-28 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\appmgmts.dll
.
[7] 2006-02-28 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\dllcache\acpiec.sys
[7] 2006-02-28 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\aec.sys
[7] 2006-02-28 12:00 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\system32\dllcache\aec.sys
[7] 2006-02-28 12:00 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\system32\drivers\aec.sys
.
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys
[7] 2006-02-28 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\agp440.sys
[7] 2006-02-28 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\system32\drivers\AGP440.SYS
.
[-] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\mfc40u.dll
[7] 2006-02-28 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\system32\mfc40u.dll
[7] 2006-02-28 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\system32\dllcache\mfc40u.dll
.
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\msgsvc.dll
[7] 2006-02-28 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll
[7] 2006-02-28 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\msgsvc.dll
.
[7] 2006-10-19 05:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[7] 2006-10-19 05:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[7] 2006-02-28 12:00 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[7] 2005-01-28 20:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[7] 2004-08-04 21:00 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
.
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ntkrnlpa.exe
[7] 2006-02-28 . FB142B7007CA2EEA76966C6C5CC12150 . 2015232 . . [5.1.2600.2180] . . c:\windows\system32\ntkrnlpa.exe
[7] 2005-10-11 . DDBFA4EAE9251712F20193DD47B361BD . 2057344 . . [5.1.2600.2774] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2005-10-11 . DDBFA4EAE9251712F20193DD47B361BD . 2057344 . . [5.1.2600.2774] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2005-09-28 . 48472D224E1703882B4DE0E28E205E9B . 2015744 . . [5.1.2600.2765] . . c:\windows\$NtUninstallKB909095$\ntkrnlpa.exe
[7] 2004-08-04 . FB142B7007CA2EEA76966C6C5CC12150 . 2015232 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896256$\ntkrnlpa.exe
.
[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ntmssvc.dll
[7] 2006-02-28 12:00 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll
[7] 2006-02-28 12:00 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\system32\dllcache\ntmssvc.dll
.
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\upnphost.dll
[7] 2006-02-28 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\system32\upnphost.dll
[7] 2006-02-28 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\upnphost.dll
.
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\dsound.dll
[7] 2006-02-28 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dsound.dll
[7] 2006-02-28 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\dsound.dll
.
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\d3d9.dll
[7] 2006-02-28 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\d3d9.dll
[7] 2006-02-28 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\dllcache\d3d9.dll
.
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ddraw.dll
[7] 2006-02-28 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\system32\ddraw.dll
[7] 2006-02-28 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\system32\dllcache\ddraw.dll
.
[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\olepro32.dll
[7] 2006-02-28 12:00 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\olepro32.dll
[7] 2006-02-28 12:00 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\olepro32.dll
.
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\perfctrs.dll
[7] 2006-02-28 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\system32\perfctrs.dll
[7] 2006-02-28 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\perfctrs.dll
.
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\version.dll
[7] 2006-02-28 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\system32\version.dll
[7] 2006-02-28 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\version.dll
.
[-] 2008-04-14 . 55794B97A7FAABD2910873C85274F409 . 93184 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\iexplore.exe
[7] 2004-08-04 . E7484514C0464642BE7B4DC2689354C8 . 93184 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\iexplore.exe
.
.
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ntoskrnl.exe
[7] 2006-02-28 . 626309040459C3915997EF98EC1C8D40 . 2148352 . . [5.1.2600.2180] . . c:\windows\system32\ntoskrnl.exe
[7] 2005-10-12 . 7B69EA89C7B9966BF552A070D97C5013 . 2180096 . . [5.1.2600.2774] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2005-10-12 . 7B69EA89C7B9966BF552A070D97C5013 . 2180096 . . [5.1.2600.2774] . . c:\windows\system32\dllcache\ntoskrnl.exe
[7] 2005-09-29 . 25C36DBC46E8EFF2A811769A60715AC5 . 2136064 . . [5.1.2600.2765] . . c:\windows\$NtUninstallKB909095$\ntoskrnl.exe
.
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\srsvc.dll
[7] 2006-02-28 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll
[7] 2006-02-28 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\srsvc.dll
[7] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB888402$\srsvc.dll
.
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\w32time.dll
[7] 2006-02-28 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] . . c:\windows\system32\w32time.dll
[7] 2006-02-28 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\w32time.dll
.
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\wiaservc.dll
[7] 2006-02-28 . D9F6C4F6B1E188ADAFC42B561D9BC2E6 . 333312 . . [5.1.2600.2180] . . c:\windows\system32\wiaservc.dll
[7] 2006-02-28 . D9F6C4F6B1E188ADAFC42B561D9BC2E6 . 333312 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\wiaservc.dll
.
[-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\midimap.dll
[7] 2006-02-28 . 3B4702155BB2AE9DC00C06A68834BDFA . 18944 . . [5.1.2600.2180] . . c:\windows\system32\midimap.dll
[7] 2006-02-28 . 3B4702155BB2AE9DC00C06A68834BDFA . 18944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\midimap.dll
.
[-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\rasadhlp.dll
[7] 2006-02-28 . 4CAEC028C1E21C75E17877D4522D3DB4 . 8192 . . [5.1.2600.2180] . . c:\windows\system32\rasadhlp.dll
[7] 2006-02-28 . 4CAEC028C1E21C75E17877D4522D3DB4 . 8192 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\rasadhlp.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-27 1207080]
"SUPERAntiSpyware"="e:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-03-16 2423752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-02-15 454656]
"MsmqIntCert"="mqrt.dll" [2006-02-28 177152]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-04 761948]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-07 131072]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2006-02-22 40960]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"TotalRecorderScheduler"="c:\program files\HighCriteria\TotalRecorder\TotRecSched.exe" [2006-05-12 86016]
"RoxioEngineUtility"="c:\program files\Common Files\Roxio Shared\System\EngUtil.exe" [2003-05-02 65536]
"dvd43"="c:\program files\dvd43\dvd43_tray.exe" [2008-03-01 826880]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"Nikon Message Center 2"="c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-26 619008]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-15 7561216]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-04-15 86016]
"nwiz"="nwiz.exe" [2006-04-15 1519616]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"WRSVC"="c:\program files\Webroot\WRSA.exe" [2011-10-20 605272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk&inst=NzctNzg0MDgyMjU3LVNUMTJGT0krMS1ERFQrMA&prod=90&ver=2012.0.1831&mid=fd12229629b747d184a5d15a445a650e-41f21509a2af8094fb3facace9dc051f4cb66a21" [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=DrvTrNTm.dll
"wave"=DrvTrNTm.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\klmdb.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Robert Weil^Start Menu^Programs^StartUp^Picaboo.lnk]
path=c:\documents and settings\Robert Weil\Start Menu\Programs\StartUp\Picaboo.lnk
backup=c:\windows\pss\Picaboo.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
2004-06-07 20:53 61440 ----a-w- c:\program files\AIM\aim.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LightScribeService"=2 (0x2)
"Bonjour Service"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\StorageCraft\\ImageManager\\ImageManagerClient.exe"=
"c:\\Program Files\\SonicWALL\\SonicWALL Global VPN Client\\SWGVC.exe"=
"c:\\WePrint\\WePrint Server.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\FTP Commander\\ftpcomm.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4978:TCP"= 4978:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 Mdno50;Mdno50; [x]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;o:\program files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 SWGVCSvc;SonicWALL Global VPN Client Service;c:\program files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe [2009-03-06 227352]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-09-08 4410152]
R2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2009-09-28 4463400]
R2 WRSVC;WRSVC;c:\program files\Webroot\WRSA.exe [2011-10-20 605272]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
R3 SASENUM;SASENUM;e:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-02-17 12872]
R3 scsiscan;SCSI Scanner Driver;c:\windows\system32\DRIVERS\scsiscan.sys [2001-08-17 10880]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]
R3 SWVNIC;SonicWALL Virtual Miniport;c:\windows\system32\DRIVERS\swvnic.sys [2009-03-05 21016]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-03-22 64512]
S0 stcvsm;stcvsm; [x]
S0 WRkrn;WRkrn;c:\windows\System32\drivers\WRkrn.sys [2011-10-20 106312]
S1 SASDIFSV;SASDIFSV;e:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;e:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-05-10 67656]
S1 sbmount;StorageCraft Image Mount Driver; [x]
S1 SWIPsec;SonicWALL IPsec Driver;c:\windows\system32\Drivers\SWIPsec.sys [2009-03-06 87064]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [2010-12-23 66560]
S2 ShadowProtectSvc;ShadowProtect Service;c:\program files\StorageCraft\ShadowProtect\ShadowProtectSvc.exe [2010-12-13 3631648]
S2 StorageCraft Image Manager;StorageCraft Image Manager;c:\program files\StorageCraft\ImageManager\ImageManager.exe [2009-12-18 102400]
S2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\DRIVERS\thdudf.sys [2011-06-03 66944]
S2 VSNAPVSS;StorageCraft Shadow Copy Provider;c:\windows\system32\vsnapvss.exe [2010-12-13 67616]
S2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [2009-09-08 112936]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 33563680
*NewlyCreated* - ASWMBR
*NewlyCreated* - PROCEXP141
*Deregistered* - 33563680
*Deregistered* - aswMBR
*Deregistered* - PROCEXP141
*Deregistered* - pwdoikog
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-22 c:\windows\Tasks\AdobeAAMUpdater-1.0-BOBSLAPTOP-Robert Weil.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-07-29 08:25]
.
2011-10-15 c:\windows\Tasks\prismShakeIcon.job
- c:\program files\NCH Software\Prism\prism.exe [2011-03-15 14:32]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Namo SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\documents and settings\Robert Weil\Application Data\Mozilla\Firefox\Profiles\1ie5u3vs.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage -
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-svcWRSSSDK
MSConfigStartUp-AVG_TRAY - c:\program files\AVG\AVG2012\avgtray.exe
AddRemove-Adobe Premiere 6.5 - j:\program files\Premiere6_5\DeIsL1.isu
AddRemove-HijackThis - c:\utilities\HijackThis.exe
AddRemove-Xilisoft HD Video Converter 6 - c:\program files\Xilisoft\HD Video Converter 6\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-22 13:41
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe?????? ???@???????????????@? ????f??????(?@???????@
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-714373593-766633883-78019857-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-714373593-766633883-78019857-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0CBA53C4-1D50-05BF-DAF6-59E49A11B2BE}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"oaofpgfcnnaplgicefogfplhnmcghg"=hex:6a,61,68,69,66,6a,66,70,68,68,6d,6b,62,66,
61,6c,63,63,68,68,00,bf
"naeebalaoigppmkefcdeljggegak"=hex:6a,61,68,69,68,69,68,64,66,62,6f,67,68,68,
64,67,66,6d,6e,6c,00,bf
.
[HKEY_USERS\S-1-5-21-714373593-766633883-78019857-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CC643CA2-2803-882D-FB20-CB7A80E93E20}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iaoeifmojppldanfkj"=hex:69,61,65,6a,65,6f,62,6d,62,6d,6e,64,6e,6c,63,6b,61,64,
00,00
"haiooiepghmkkbhm"=hex:6b,61,66,6a,6b,6a,61,66,66,63,6f,6e,63,64,67,63,6e,6c,
69,63,67,6d,00,00
"hadhkehihelogjpe"=hex:6b,62,6f,69,6d,62,70,6b,70,6f,62,70,62,6d,63,6f,66,6f,
67,63,67,6f,6c,6f,6a,6f,70,62,6c,6f,6a,62,68,62,6f,70,68,67,69,6d,68,64,66,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CC643CA2-2803-882D-FB20-CB7A80E93E20}\InProcServer32*]
"jameebaefdofgpiojlbo"=hex:69,61,65,6a,65,6f,62,6d,62,6d,6e,64,6e,6c,63,6b,61,
64,00,00
"iamegcgoinipdgpmpe"=hex:6b,61,66,6a,6b,6a,61,66,66,63,6f,6e,63,64,67,63,6e,6c,
69,63,67,6d,00,00
.
Completion time: 2011-10-22 15:13:48
ComboFix-quarantined-files.txt 2011-10-22 22:13
.
Pre-Run: 3,047,489,536 bytes free
Post-Run: 4,118,315,008 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(4)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(4)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 935B2BBFCB3B5AC42E9B7435B86C9EC7

#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,926 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:07 AM

Posted 23 October 2011 - 08:46 AM

Third-party programs, if not up to date, can be the cause of the infiltration of an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Since nothing suspicious was found in your logs, please run this scan.

Download the latest version of Kaspersky Virus Removal Tool
  • Close all other applications and double-click and run the installer.
  • When AVPTool starts, select all the scannable items except for CD-ROM drives.
  • Then please choose Security level: Recommended and perform the following actions.
  • Click the Start scan button.
  • If malware is detected, place a checkmark in the Apply to all box, and click the Delete button (or Disinfect if the button is active).
  • After the scan finishes, if any threat remains in the Scan window (Red exclamation point), click the Neutralize all button.
  • In the window that opens, place a checkmark in the Apply to all box, and click the Delete button (or Disinfect if the button is active).
  • If advised that a special disinfection procedure is required which demands system reboot: click the Ok button to close the window.
  • In the Scan window click the Reports button and select Save to file.
  • Name the report AVPT.txt, and save it to the Desktop.
  • Close AVPTool.
  • You will be prompted if you want to uninstall the program; click Yes.
  • You will then be prompted that to complete the uninstallation, the computer must be restarted. Select Yes to restart the system.
  • Copy and paste the first part of the report (Detected) that you saved in your next reply. Do not include the longer list marked Events.

Post the logs and let me know if the problem persists.
===

#8 SoCalBob55

Posted 23 October 2011 - 10:25 AM

SecurityCheck starts (and shows as running in Task Manager), but nothing happened after waiting ten minutes. No black box opened and there was no other indication that it is running.

Should I run Kaspersky anyway?

#9 SoCalBob55

Posted 23 October 2011 - 10:37 AM

What's kind of interesting is that, out of the blue, Gif Animator opened (I haven't used it in years), Windows installer started running (I cancelled it) and a window popped up referring to "Initial Video I/O..." with a cancel button.

I stopped those processes, but SecurityCheck just kept running with an identical level of memory usage (5,18), and no CPU - and no black window.

I will be away from my desk for about four hours, so will leave SecurityCheck running. If nothing has happened when I return, I'll go ahead and stop that process and run Kaspersky, unless I hear otherwise from you.

#10 SoCalBob55

Posted 23 October 2011 - 10:38 AM

On a side note, Windows Installer opening was a symptom (or concurrence) from an earlier infection (about March of this year).

#11 SoCalBob55

Posted 23 October 2011 - 10:53 PM

I ran the Kaspersky install, and the installation apparently failed. I tried rebooting, and attempted to install again. I got this error message:
AVPTool Installation Failed [title]
Please try to reboot your computer. Error message is Failed to extract the product into: C:\Docume~1\Robert~1\LOCALS~\8141463, error is 193

I rebooted, and the installation continued again, and this error window appeared:
Error
Installation Failed.

What next?

#12 nasdaq

Posted 24 October 2011 - 10:09 AM

Try to run the SecurityCheck as an Administrator.
Right Click on the .exe file and select that option.
===


Kaspersky error 193 details here.

http://support.kaspersky.com/faq/?qid=208284612
===

If you are unable to run it, try this one.

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


#13 SoCalBob55

Posted 25 October 2011 - 08:08 AM

Well, I struck out on this round. I'm unable to run SecurityCheck as an Administrator (I don't have the password for it), and I could not run Eset Online either. I get the dialogue box that says that it is Downloading Components, but the progress bar never starts or moves - the installation is clearly stalled. I've attempted to shut down all unnecessary processes and restarted several times, but to no avail.

I also tried launching IE in order to run the web version of ESET, but although it begins to launch, IE freezes part way through the launch cycle.

#14 SoCalBob55

Posted 25 October 2011 - 09:18 AM

I don't know if this would help at all, but I can boot into a Windows XP instance on another partition and run a program against the C: drive. I don't use the partition, and I'm not sure if I can get Internet access for downloading virus signatures, but perhaps I could run the full 94mb ESET install program.

Let me know if you want me to try something from there (although we're probably after programs resident in memory or in the registry).

Thanks.

#15 nasdaq

Posted 25 October 2011 - 12:51 PM

Remove your current version of Kaspersky removal tool.

Download this new program from them. See if you can run it and submit the logs.

Please download to your Desktop:
  • TDSSKiller.zip from here and extract it (right click on it => "Extract here").

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure. Instead, choose SKIP, then click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

In your next reply, please include the following (you may need to use two posts to get it all in):
  • TDSSKiller_log.txt
  • How is the PC running now?




